Cloud applications are in use by most enterprises today, and we will soon reach the time where more corporate data will be stored in the cloud than on-premises. Moreover, everyone is using the cloud, and even companies without official SaaS apps in use have substantial Shadow IT usage of cloud. We know from past customer surveys that over 80% of employees admitted to using unapproved SaaS apps for corporate usage.

Let me share some brand new data from Microsoft Cloud App Security that will help put the scope of the Shadow IT challenge that many organizations face, into perspective:

On average, each employee uses 17 cloud apps, but many organizations don’t know what is in use, or whether these apps meet security, privacy and compliance requirements
In 91% of organizations, employees grant their personal accounts access to the organization’s cloud storage
70% of the organizations allow cloud admin activity from non-corporate, unsecured networks
75% of privileged cloud accounts are not in use. These accounts might be eating up the cost of a license, or worse, increasing the attack surface of the organization
On average, an organization shares 13% of its files externally, of which 25% are shared publicly
For security teams, it is important to have deep visibility, strong controls and threat protection for cloud apps. That is why we created Cloud App Security: to provide you with an easy and comprehensive solution so you can gain visibility into your cloud app usage and start controlling it via policy.

Why Microsoft?

As the need for visibility and control into cloud apps has increased the market for cloud app security, the Cloud Access Security Broker (CASB) market, has been one of the most active markets in the security space. Over several years, multiple companies have tried to provide an answer to this growing customer need; however, a comprehensive solution has yet to emerge. Today, customers often use only basic discovery capabilities without really leveraging cloud control capabilities. The crux of the matter is that cloud security is a paradigm shift from classic network-based security to something new and the market is waiting for a solution that can solve the different security issues across identity, device, data and application.

What do you get with Cloud App Security?

App Discovery: Cloud App Security identifies all cloud applications in your network—from all devices—and provides risk scoring and ongoing risk assessment and analytics
Data Control: With special focus on sanctioned apps, you can set granular controls and policies for data sharing and loss prevention (DLP) leveraging API-based integration. You can use either out-of-the box policies or build and customize your own
Threat Protection: Cloud App Security provides threat protection for your cloud applications leveraging user behavioral analytics and anomaly detection
How does the product work?

So let’s get into the details, the product we are announcing today has two main components; discovery of cloud usage in the company using log-based traffic analysis and granular control for sanctioned apps leveraging API-based integration. They can be deployed and configured within minutes, so easy that we can do it together in this blog: